Nextage: Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart allow remote attackers to inject arbitrary web script or HTML via (1) the CatId parameter in a product category action in index.php or (2) the SearchWd parameter in an index search action in index.php.
CVSS Score
6.8
EPSS Score
0.016
Published
2006-09-25
Multiple cross-site scripting (XSS) vulnerabilities in myadmin/index.php in NextAge Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) password parameters.
CVSS Score
5.8
EPSS Score
0.005
Published
2006-04-26